2

3
1

icreep: Privacy redefined

Post-Deliberation
report

CAS 138T

Professor John Minbiole

About this report

Whether you were concerned with

Internet privacy in the modern

learn more about the issue. Another

the possibilities of being hacked, or

world. This included questions like:

student, majoring in computer

it was relevant to your future

career, the deliberation iCreep:
Privacy Redefined in the

Whether or not privacy should be

given up for better protection?

engineering, attended to learn more

about issues pertaining to his future
career and discuss a topic he was

Technological Era covered topics

Should the government and large

passionate about. He specifically

that were pertinent to everyone in

corporations should have access to

mentioned that in pursuing a career

attendance. Held in the Schlow

all information?

in the field of computer engineering

Library Community Room in State

College, Pennsylvania, the audience
consisted of mostly college
freshmen and sophomores, as well
as a motivated community member
who was invested in and
knowledgeable about the issues of
privacy in a digital age. Participants
in the deliberation discussed the
problems as well as potential
solutions that are associated with

With these questions in mind, the

members of the audience were
asked to give their personal stake on
the issue and explain their
connection to the topic at hand. The
reasons for attending varied from
person to person. One freshman felt
that since he did not use social
media, he had no need for Internet
privacy, so he attended simply to

he would inevitably have to make

decisions on whether or not the
consumers privacy is to be valued
more than the companys business
interests. Other reasons for
attendance included the desire to
avoid hacking and wanting to know
more about how much of our
information is collected.

The framework:
Approaching the issue
Approach 1 and a system

Finding Middle Ground

Placing our Trust in the

through Approach 2

Government through
Approach 3

of open data
Once the discussion on Approach 1
Following the introduction and personal
stakes, Approach 1 addressed the concept
of open data. In this approach, a system
was proposed in which data, such as
Internet and buying history, would be
tracked and put into a repository where
it could be accessed in order to observe
social trends. This information, while
accessible by everyone, would not
disclose any personal information such as
credit card or Social Security numbers.
The positives of this approach include a

ended, Approach 2 introduced fear as

the motivating factor behind the issue of
Internet privacy. This approach
consisted of providing a middle ground
between two extremes: opening all data
for public access and preventing the
government and corporations from
collecting it entirely. To an extent,
government surveillance would still be
appropriate, but it would have to be
justified on the grounds of national
security.

greater ability to do research, as well as

The final approach presented the concept

that corporations would no longer be
able to collect any data under any
circumstances, which data collection
being restricted to government purposes
only. The risk of information being
exposed would be reduced, since there
would no longer be large corporate
databases. This approach brought to light
the issue of trusting the government,
because the government would have to
be transparent in order for this approach
to work. One tradeoff mentioned was

government transparency. The negatives

Another main aspect in this approach

that it would decrease economic

include the possibility for data abuse. At

was that each individual would be given

efficiency, since corporations would no

the conclusion of this approach one of the

an opportunity to opt out of certain

longer be able to track the interests of

audience members suggested that the

types of surveillance by the private

their customers. Another problem with

problem with this approach would not be

sector. For example, they could choose

this approach pertained to how the

the openness of the information, but

not to have their search history available

government and corporations currently

rather the individuals that handle the data

to corporations, but they would have to

work together by sharing information.

collection. As he said,

allow for the government to access

Of the three approaches, this is the one

information that could reveal potential

the audience felt to be the least plausible

national security threats. Overall, this

and most problematic.

...the chain is only as strong as the

weakest link,

portion of the deliberation came to a halt

Suggesting that the human factor was an

with the consensus that the reason for

important consideration for this issue.

the data collection matters and that what

data is used for is even more important.

Approach 1

hesitant about opening up data for

Nevertheless, the younger

everyone to see. His implication and

representatives were able to agree

fears surrounding datas release

that they would not be averse to

established a generational gap. The

changes in their privacy levels if it

This approach, which outlined a

generational gap makes sense, as

meant benefits elsewhere.

redistribution of corporate, political,

those his age grew up with

and scientific data, centered

significantly more privacy than those

discussion around a few main themes

growing up today, who are used to a

that differed from those expected.

new standard of low privacy levels

While initial deliberation run-

with ubiquitous social media and

throughs showed a widespread

privacy agreements.

Redistribution of Data

paranoia that open data would be

misused, the deliberators at the

Points of Consensus &

formal event were more willing to

Unresolved Tensions

look past a reduced level of privacy

to embrace safety. This difference,

Points of consensus and unresolved

which led to a wider acceptance of

tensions were mostly generated by

Approach 1 than in pre-deliberation

the age gap. For example, most of

discussions, was likely the result of a

the younger generation who spoke

clarification that no critical personal

up at the debate seemed to prioritize

data, such as credit card numbers,

national security and innovative

social security numbers, or exact

research over their own Internet

addresses, would be released.

privacy. That prioritization may have

Instead, the approach would focus on

been an anomaly, since the most

large-scale trends.

vocal among them admitted to not

Critics of Open Data

Open data acceptance was not
present across the board, however,
as there was one outspoken critic of
this approach. Interestingly, the
critic was an older gentleman, who
suggested that others from his
generation might feel similarly

being heavily involved in social

media, which is rare these days.
Further research would be necessary
to see if the general population,
especially those in or just leaving

Another point of consensus among the

college-aged participants was their trust
in computer encryption. This came
up in response to a raised worry in the
ability of entities to protect the critical
personal information Approach 1 does
not plan on releasing. However, a
student with a background in computer
engineering was able convince doubtful
members of the deliberation of the safety
of encryption. While there are flaws in
encryption and there have been several
publicized instances of company hacking,
most agreed that the current level of
encryption is at least strong enough to
alleviate worries. The older deliberation
representative brought up the dangers of
a fully automated system, in response
to the perceived sense of security with
encryption. Effectively, he was worried
that once some companies release
information they will be unable to
withhold the critical personal
information that should not be released.

college, agrees with this emphasis on

national security and research over
their own privacy.

LifeLock

The company LifeLock was brought

up, as an example of an identity theft
company that would have to yield

Tension Between
Generations: A consensus among

the information it has collected on

the younger generation paired with

customers.

opposition from the older generation

to encryption segues into some

These points bring up a need to

unresolved tensions in the

General Consensus:

establish safeguards, both legislative

deliberation. These again stemmed

and encryption, against the release of

Overall, Approach 1 was met with

from an age gap, where the older

information that should not be

general acceptance, although tended to

generation tended to value privacy and

released.

polarize the deliberation by age. If

mistrust people with private data,

further research reveals resistance across

Further Research:

while the younger generation was in

the board in the older demographic or

favor of research and national security

If the open data movement were to

shows the younger population to be an

uses of data. The older generation

advance to policy, universal

anomaly in their lack of social media use,

seemed at times to relate privacy to

acceptance would not be necessary,

the approach would have to be

some slightly dated definitions of the

but alienating an entire demographic

reevaluated or clarified to appease all

word, such as street surveillance,

would not be acceptable. Thus,

whom it may affect. If not, the

which still happens, but is not entirely

further research to see how the

comparatively high level of support for

relevant when talking about Internet

older generations feel about the idea

this approach would be reason to make

privacy. Further, he tended to look at

of open data is absolutely

the open data movement policy,

the potential for an individual to

necessary.

especially given its relative ease of

exploit released data, which could

implementation.

If similar tensions emerge with

research into this population,
assurances and changes would need
to be made to ensure data be kept
safe, especially critical personal data.

happen, but would be limited to data

that would not be very damaging to
anyone. These both presented some
unresolved tensions in the group,
instilling more fear in the corruptibility
of people once they get their hands on
data.

Approach 2

Theme of Transparency

However, this would not always be

practical, for there are cases when the

In Approach 2 we discussed the role

The discussion of Approach 2

government must remain discrete

of privacy and security in the

eventually turned to the desired

when collecting data.

corporate and consumer world. The

transparency of corporations in their

feelings were mixed throughout the

data gathering practices. The audience

audience in relation to individuals

wanted to know the purpose and

being watched, whether on the

extent of the data gathered by our

streets of State College or in daily

Internet browsers and what it was

Is it plausible to require

online activity.

being used for. Another topic that

corporations to be transparent

was briefly discussed was the sale of

about the data they collect and

Individual Monitoring by

this data by large corporations and

market?

Corporations

Internet browsers. This sparked a few

The discussion began with a look at

their data and the market for

privacy on an individual level - from

consumer data.

Facebook ads tailor made to the

users Internet search history, to
government surveillance of personal
information. The role of
corporations and big businesses was
discussed; common themes appeared
to be transparency of corporate data
gathering, how the process could be
incentivized/mandated, and the
option of opting out of surveillance
on a consumer or government level.
Some of the deliberation-goers
leaned toward Approach 2, due to its
moderate ideas and similarities to the
current government system.

question about individuals selling

Theme of Individual
Choice

One question that brought about

interesting discussion was,

The group decided that it is not

plausible for multiple reasons, such
as:
1. It is not guaranteed that
corporations would follow any laws
enforcing transparency.

Another theme that emerged during

2. It may not be fair to enforce such a

the discussion of Approach 2 is that

law anyway.

the individual should have a choice

over how their data is managed. The
deliberators agreed that this idea
could only be enacted if the data
collection performed by private
corporations and the government
became more transparent. Without
transparency, how can citizens decide
what amount of surveillance they are
comfortable with?

On the other hand, the deliberation

members agreed that businesses have
an incentive to be transparent. If a
company is secretive about its
business operations, customers may
distrust the company and decline to
use its services.

Approach 2
Option to Opt Out: Deliberators
were also intrigued by the idea of opting
out of certain types of data collection.
They thought the ability to opt out of

with even more surveillance than what is already present. One member cited the
FBIs failed attempts to unlock the San Bernardino attackers phone as proof that
our data systems are secure. Younger members also felt more comfortable
sharing their information, since they have basically been sharing their
information their whole lives through social media. A few of the members felt
this way, in spite of hacking incidents that that had occurred in their personal
lives.

private data collection (based on what

data is being collected) could help
citizens feel like their privacy is not
being invaded by corporations; however,
the group also decided that opting out
should not be permitted in the case of
government surveillance. If a criminal
could opt out of government
surveillance, the country's security
measures would be ineffective.

More Generational Tensions

As you could see with other approaches,
tension exists between the older and
younger generations when it comes to
surveillance. One older deliberator felt
threatened by any type of surveillance.
He represented the more conservative
idea that the privacy of the individual is
paramount. This gentleman also did not
trust the information databases that
protect our information. To him,
technology is not secure. The younger
attendees were much more liberal about
surveillance. They insisted that the
reason for surveillance is important. If
the goal of government surveillance is
security, then they were comfortable

General Consensus:
Overall, Approach 2 was met with cautious acceptance. Deliberators were
comfortable with the ideas presented by Approach 2, but were not sure if they
were all plausible. It would be wise to test this approach by conducting trial
periods in small parts of the country. This would shed light on the viability of
Approach 2.

Approach 3

When Approach 3 was discussed at the deliberation,

well as how much data they can collect under what

surprisingly it was deemed the most radical of the three

guidelines.

approaches. This was not the expected outcome, but it

provided new insight that led to an intense discussion.

Implementation

At the beginning of the talk it was made clear by several

Some participants argued that with the current bond

members of the group that corporations and the

between citizens and corporations, Approach 3 was just

government were two different entities of data

not possible. Others were against the implementation

collectors that both needed to exist. While some

altogether because they believed our current

members saw this coexistence as a way for both

government would not be able to work together to pass

corporations and the government to supervise each

major legislation on the issue. Others explained that if

other, other deliberators believed that ones existence

such radical legislation were to be passed, it would have

was more important than the other and that legislation

to first start from the roots of society, with ordinary

needed to be passed that took this difference of power

citizens being the ones to push for this law and change

into consideration.

the current mindset about companies collecting and

Power Balance Between the Government

using their data.

and Corporations

This lack of practicality was the reason this approach was

One member of the group spoke of how companies

were finding ways around security guidelines,
suggesting that their access to personal data wasnt
monitored enough, and that government agencies could

deemed the most radical, but the group still offered

up discussion about how such a system would work if
legislation for it did pass.

General Consensus: Participants

follow suit in a lax nature towards the rules. The idea of

agreed that in general, Approach 3 was the

balance was continually brought up to focus on the

least plausible and most problematic.

state of government and corporate collection of data, as

Generational Gap Causes More Tensions: Throughout the entire discussion for Approach 3, one main issue

that kept coming up was the difference of thought on security between generations. Most of the group consisted of students
who would fall into the millennial category, with one vocal member belonging to an older generation. While the students
were open to having some of their information accessed for national security purposes, the one older group member was wary
of all methods of surveillance from security cameras on the street to online surveillance. This divergence of opinion revealed a
different way of thinking between the two generations, which most likely stems from a difference in exposure between the
two generations. The students in the group have been surrounded by the web from a young age, while older members of
society like the old man in our group lived during a time when there wasnt nearly as much connection due to technology, so
he knew a time of much more privacy. Going forward, this suggests that newer generations might have less focus on security
because they will be even more intertwined with technology.

The Impact of the Deliberation

The general consensus for the deliberation was that Approach 1, in which specific data was opened
for public use, was thought to be the most plausible in today's society. Although, the deliberation group
also recognized that a balance would need to be struck between this approach and the third, where certain,
personal data would not be collected or distributed by corporate entities. Approach 2 was determined to
already exist within the Freedom of Information Act, so this approach would have to be modified in a way
that was different than the original act, or possibly more in depth. Overall, the group agreed that enough
information needs to be available so that the government can maintain a level of surveillance necessary to
maintain adequate security while also allowing corporations to provide the conveniences we would not be
satisfied with losing. How much data and to what extent was not decided, but if one of these approaches
was to be enforced it would result in many court battles, and, because of the distinctive nature of each
individual case, it would result in exorbitant amounts of both taxpayer and personal money being spent
before a conclusion would be reached. The consensus of this deliberation was that the need for security
outweighs the demands for individual privacy. However, there was no clear agreement on the best way of
obtaining this result. Thus, there is huge potential for more research to be conducted in this area.
Demographic surveys could be conducted in order to determine how individuals feel about the current
state of data collection and how much they actually know. Other questions could include: in what areas is
security cherished the most? What types of information could be openly shared in order to obtain that
security? And, would it be preferred if no data was shared at all? Additionally, another deliberation could be
conducted where the approaches would include ways in which security and privacy could be refined to
work juxtaposed to protect the individual citizen more efficiently.

Key Ideas:
Fear:

Age Gap:
This age gap has brought upon tension amongst the
participants, with the older generation valuing

The theme of fear first came out in the deliberation

privacy, while the youth favored research and the use

during the discussion of Approach 1. Most participants

of data for national security. Additionally, when the

agreed that as long as they were not faced with any

younger participants agreed that they trusted

personal harm, they would not object to sacrificing

computer encryption, the older participant disagreed

some of their privacy, if it meant benefiting the public

and stressed the dangers of a fully automated

and promoting safety in the long run. However, one

system. Evidently, the younger participants had

older participant expressed his concerns, saying

more confidence in modern technology.

neither he nor other members of his generation would

appreciate the idea. Fear was one possible reason for
the generational gap that polarized opinions on
Internet privacy altogether.

Nearly every time, when a consensus was reached

among the younger generation, it was faced with
some sort of opposition from the older participant.
This leads us to believe that there are unresolved
issues stemming from the difference in generational
values.

Balance of Safety and

Security:
The idea of a balance between safety and security was
also a driving force for the entire deliberation. In

Transparency:

Approach 2 and Approach 3, the power balance

between the government and corporations was

Another important theme was that of transparency.

explored. It was the importance of this power balance

Approach 1 suggested a system of open data, while

that caused more people to support Approach 2,

Approach 2 focused on the transparency of corporate

which was more moderate compared to Approach 3.

data. In both cases, participants have all agreed that it

is important for them to know what data is being
collected as well as how it is being used.

Note for Policymakers

After deliberating with members of the community, the general consensus reached was that Approach 1 would
be the most successful, if implemented, because it did not call for any additional data collection. With this in
mind, we recommend that a similar approach be brought to the attention of policymakers, as its
implementation would be beneficial to the public.
The data collected by corporations should be made public so that the people know what data of theirs is being
used and so more people have access to these informative demographic trends.
Additionally, scientific findings should be made public, to encourage healthy competition, and thus future
innovation.
Finally, the people should have more and easier access to political data, to help keep them well informed so
they can better perform their civic duties to the country.
When publicizing this potential policy, it should be made very clear that no additional data will be collected,
and the data being released would not be highly personal. It may also be beneficial to include an opt-out
option, as was presented in Approach 2, for the corporate data that is already being collected. In this situation,
citizens that opt to keep information, such as their search history, private would lose the benefit of having access
to such data, once it is publicly shared. This tradeoff between privacy and information would be left for the
individual to assess.

icreep: Privacy redefined

Cas 138T

Works Cited
Cook, Tim. "A Message to Our Customers." Apple. Apple, 16 Feb. 2016. Web.
Davis, Jeremy Seth. "Facebook Quietly Supporting CISA, Privacy Group Says." SC Magazine. N.p., 26 Oct. 2015. Web.
Ebersole, Gary. "The Cloud Is a Vast Storehouse of Consumer Data Collected by Big Business." The Huffington Post. N.p., 16 Nov.
2015. Web.
Greenberg, Andy. "CISA Cybersecurity Bill Advances Despite Privacy Concerns." Wired.com. Conde Nast Digital, 12 Mar. 15.
Web.
"A Guide To Internet Privacy." Hosting Reviews. N.p., n.d. Web.
Kroft, Steve. "The Data Brokers: Selling Your Personal Information." CBSNews. CBS Interactive, 9 Mar. 2014. Web.
Lohr, Steve. "How Privacy Vanishes Online." The New York Times. The New York Times, 16 Mar. 2010. Web.
McMullan, Thomas. "How We Talk About The Cloud Shapes The Way We Perceive Internet Privacy." The Guardian. N.p., 7 Oct.
2015. Web.
"Mobile Technology Fact Sheet." Pew Research Center Internet Science Tech RSS. N.p., 27 Dec. 2013. Web. 28 Oct. 2015.
"NSA Spying on Americans." Electronic Frontier Foundation. N.p., n.d. Web.
"The Open Data Foundation." The Open Data Foundation. N.p., n.d. Web.
Preston, Alex. "The Death of Privacy." The Guardian. N.p., 3 Aug. 2014. Web.
Risen, Tom. "The Illusion of Online Privacy." U.S. News. N.p., 25 Aug. 2015. Web.
Schepp, Brad. "7 Ways to Use Social Media to Land a Job." Forbes. Forbes Magazine, n.d. Web.
Sidel, Robin, Danny Yadron, and Sara Germano. "Target Hit by Credit-Card Breach." WSJ. N.p., 19 Dec. 2013. Web.
Smith, Jacquelyn. "How Social Media Can Help (Or Hurt) You In Your Job Search." Forbes. Forbes Magazine, 16 Apr. 2013. Web.
Sullivan, Bob. "Online Privacy Fears Are Real." NBC News. N.p., 17 Nov. 2000. Web. 28 Oct. 2015.
Weldon, David. "Ashley Madison Breach Shows Hackers May Be Getting Personal." CIO. N.p., 30 Sept. 2015. Web.